Researchers find a trio of serious flaws in Lenovo PCs

By Shawn Knight
May 6, 2015
Post New Reply
  1. massive security risk lenovo computers patch vulnerability flaw superfish lenovo computer ioactive

    Less than three months after Lenovo’s embarrassing Superfish fiasco, the Chinese PC maker is under the microscope once again. Security research firm IOActive recently disclosed that it found a trio of vulnerabilities related to the company’s System Update feature.

    One of the vulnerabilities allows both local and remote attackers to replace trusted Lenovo applications with malicious apps of their own that can then be run as a privileged user. Another flaw takes advantage of a weakness in Lenovo’s security token system while the third vulnerability lets unprivileged local users run commands as an administrator.

    Fortunately for Lenovo, IOActive did the right thing and reported the vulnerabilities before going public with their findings. This gave the PC maker plenty of time to get the issues worked out via a patch issued last month. The flaws were originally discovered by Michael Milvich and Sofiane Talmat.

    The flaw is said to affect all ThinkPad, ThinkCenter and ThinkStation products as well as B, E, K and V-series systems.

    You can determine the currently installed version by opening Lenovo System Update, clicking on the green question mark in the top right corner and then selecting “about.” If you are running version or earlier, you’ll want to go ahead and update as soon as possible. Another option would be to simply wipe your device and install your own copy of Windows.

    Permalink to story.

  2. 9Nails

    9Nails TechSpot Paladin Posts: 1,212   +174

    I usually wipe the hard drive on new computers and install my own copy of Windows. Just more reason to continue to do so.
    rpjkw11 likes this.
  3. Samaelvonhell

    Samaelvonhell TS Rookie

    Software flaws? Not much of a problem. Write about hardware/electronics flaws that shenzhen topstar/lenowo makes. Or poor quality materials used by them.
  4. Backdoors in hardware from a Chinese vendor? Nooooooo....I'm shellshocked.
  5. You were just advertising Lenovo, 3 days ago too Techspot! Shame on you.
  6. Skidmarksdeluxe

    Skidmarksdeluxe TS Evangelist Posts: 6,341   +1,939

    So why shouldn't they? Advertising them is far different to recommending them.
  7. edee02

    edee02 TS Rookie

    Oh give me a break ....... your very own Windows system has a bevy of back doors, all courtesy of our USA based Microsoft.
  8. war59312

    war59312 TS Booster Posts: 114

    Prove it!

    Stop spreading FUD!
  9. Runt1me

    Runt1me TS Rookie Posts: 30

    shill or trolling?

    Search the rest yourself its easy, it isn't even debatable anymore weather windows has been/is backdoored, it's common knowledge. + they still push for more.
  10. edee02

    edee02 TS Rookie

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...